Subject: bin/29677: systrace: string operator "inpath" is broken
To: None <gnats-admin@netbsd.org, netbsd-bugs@netbsd.org>
From: Christian Biere <christianbiere@gmx.de>
List: netbsd-bugs
Date: 03/12/2005 12:16:00
>Number: 29677
>Category: bin
>Synopsis: systrace: string operator "inpath" is broken
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: bin-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Sat Mar 12 12:16:00 +0000 2005
>Originator: Christian Biere
>Release: NetBSD 2.99.11
>Environment:
System: NetBSD cyclonus 2.99.11 NetBSD 2.99.11 (STARSCREAM) #4: Fri Jan 7 14:02:19 CET 2005 bin@cyclonus:/usr/obj/sys/arch/i386/compile/STARSCREAM i386
Architecture: i386
Machine: i386
>Description:
The rule
netbsd-fsread: filename inpath "/tmp/blah" then permit
grants access to "/tmp/blah", "/tmp", "/" but not "/tmp/blah/xxx". The
logic seems to be completely reversed on this. This is caused by using
the argument's string length with strncmp() instead of the rule's
string length.
Access to / is explicitly granted in any case. This doesn't make any
sense and certainly doesn't match the documentation.
This was posted by John Wong to lucky.openbsd.misc.
>How-To-Repeat:
$ systrace -A /bin/ls $HOME/tmp
[Change "eq" to "inpath" for $HOME/tmp]
$ systrace -a /bin/ls $HOME/tmp
[lists files in $HOME/tmp]
$ systrace -a /bin/ls $HOME
[lists files in $HOME]
$ systrace -a /bin/ls /
[lists files in /]
>Fix:
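The following is an added illustration, not systrace's own filter code and not part of the original report. It models the comparison bug described above with two hypothetical functions, inpath_broken() and inpath_fixed(): the broken variant bounds strncmp() by the length of the syscall argument, so any argument that is a prefix of the rule path (including "/") matches while longer paths below the rule directory do not; the fixed variant bounds the comparison by the rule's length and additionally requires the argument to end, or to continue with a '/', at that point, so that "/tmp/blahx" is not treated as being inside "/tmp/blah".

```c
#include <stdio.h>
#include <string.h>

/*
 * Hypothetical reconstruction of the bug: the comparison length is
 * taken from the *argument*, so "/" and "/tmp" match a rule for
 * "/tmp/blah" (their leading bytes agree), while "/tmp/blah/xxx"
 * is rejected because its 13 bytes do not all match the 9-byte rule.
 */
int
inpath_broken(const char *arg, const char *rule)
{
	return strncmp(arg, rule, strlen(arg)) == 0;
}

/*
 * Corrected semantics: arg is "in" rule when rule is a path prefix of
 * arg on a component boundary.  The comparison length comes from the
 * rule, and the byte following the prefix must be '/' or NUL.
 */
int
inpath_fixed(const char *arg, const char *rule)
{
	size_t rlen = strlen(rule);

	/* Ignore trailing slashes on the rule, but keep "/" itself. */
	while (rlen > 1 && rule[rlen - 1] == '/')
		rlen--;

	if (strncmp(arg, rule, rlen) != 0)
		return 0;

	/* A rule of "/" covers every absolute path, and only those. */
	if (rlen == 1 && rule[0] == '/')
		return arg[0] == '/';

	/* Must stop exactly at the prefix or descend into it. */
	return arg[rlen] == '\0' || arg[rlen] == '/';
}

int
main(void)
{
	/* Constructed sample arguments against the rule from the report. */
	const char *rule = "/tmp/blah";
	const char *args[] = { "/tmp/blah", "/tmp/blah/xxx", "/tmp/blahx",
	    "/tmp", "/", "/etc/passwd" };
	size_t i;

	for (i = 0; i < sizeof(args) / sizeof(args[0]); i++)
		printf("%-16s broken=%d fixed=%d\n", args[i],
		    inpath_broken(args[i], rule),
		    inpath_fixed(args[i], rule));
	return 0;
}
```

Running the block prints, for each constructed argument, what the broken and the corrected comparison decide; the rows for "/tmp", "/" and "/tmp/blah/xxx" reproduce the three reversed results the report lists.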